tenover asked:

Need quick help with ActiveSync/Autodiscover

Having some issues after changing my MX record to point to my new Exchange 2010 server.  All users are still on the old 2003 server.  I believe the issues, which are ActiveSync and Autodiscover related, all stem from external DNS.  Hopefully someone can help me here.  When I use the Microsoft Exchange Server Remote Connectivity Analyzer, ActiveSync and Autodiscover fail.  Right now, I have my MX record still pointing to my 2003 server until I can get this resolved.

Using a Microsoft document, I had my ISP create an SRV record for autodiscover for my domain.  No A record, just the SRV record.  At this stage, the test totally fails because it can't find an A record (was told to delete that).

I also see that when I DID have an A record for autodiscover, it ended up looking at our public website (hosted) for autodiscover, which it couldn't find, and it also was looking at the web host's certificate....

I'm assuming this is because our domain name "mycompany.com" was included on my UCC certificate, and is also our external DNS name....

Accepted solution by ScRe (available to Experts Exchange members only).

tenover (ASKER)

-Just had the external A record added for autodiscover.mycompany.com

-There is no wildcard entry pointing to my webserver currently, only a "www" A record.

-I already have an external entry for "mail.mycompany.com" in DNS.

-In ESM, the settings appear correct for the 2010 server.

The problem is with all the users who currently exist on the Exchange 2003 server.  If they go to OWA, they get the new 2010 login page, and when they type in their credentials, it does not redirect them to the legacy page.  This works like a charm internally.

The same users are immediately prompted for Exchange passwords on their iPhone.

I can recreate this issue at any time by simply changing my NAT policy to point to the 2010 server instead of the 2003 server.  

Because of the analyzer results, and the (non)redirect to legacy.mycompany.com, I was sure it had to do with either permissions somewhere or the certificate.

tenover (ASKER)

Just confirmed that this is definitely why autodiscover is not working.....my mail server is called "mail.mycompany.com" and is hosted on our LAN behind our firewall.  I have a NAT policy for it.

Our internal and external domain names are the same, so for some reason when the autodiscover test happens, it immediately looks at the root domain "mycompany.com" which goes to the company that hosts our www site.

How can I fix this?  Do I need to modify my certificate?  Something I can do via external DNS??

This is really holding me back from moving forward.

tenover (ASKER)

Actually, I can get by without Autodiscover until later.....My main problem is that ActiveSync is not working and OWA is redirecting users to a blank page.

tenover (ASKER)

Just switched over to the new 2010 server to test.  The one user I've moved over to 2010 can then login to OWA and use AutoDiscover to configure an ActiveSync mobile client with no issues.


ANY and ALL existing 2003 users do not get directed to the old server, either through OWA or (it appears) through ActiveSync...

I'm still thinking permission/authentication issue between the two servers, but am not sure how to test/verify....

Michelsengers

Your external A record should point to your Internet IP, the right ports (80, 443) should be forwarded to your OWA server, and the certificate should be loaded in IIS and valid for your OWA URL.
As you are getting a blank page, you should verify the connection in the IIS log and probably need to reconfigure IIS.
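
One way to do the IIS log check suggested above, as an added example (not code from this thread or from Microsoft): it reads a W3C extended log using its `#Fields` header and tallies status codes per Exchange virtual directory, so a service with no logged requests at all points at DNS, NAT or port forwarding rather than at IIS. The log lines, IP addresses and timestamps are constructed, and `parse_w3c`, `summarize` and `findings` are hypothetical helper names.

```python
from collections import Counter

# Constructed sample in IIS W3C extended format (not taken from the thread).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2011-03-01 14:02:11 10.0.0.20 GET /owa/ - 443 - 203.0.113.7 Mozilla/5.0 302 0 0 15
2011-03-01 14:02:12 10.0.0.20 GET /owa/auth/logon.aspx url=https://mail.mycompany.com/owa/ 443 - 203.0.113.7 Mozilla/5.0 200 0 0 31
2011-03-01 14:02:30 10.0.0.20 POST /owa/auth.owa - 443 - 203.0.113.7 Mozilla/5.0 302 0 0 46
2011-03-01 14:05:02 10.0.0.20 OPTIONS /Microsoft-Server-ActiveSync/default.eas User=user1&DeviceType=iPhone 443 - 203.0.113.9 Apple-iPhone 401 1 0 12
2011-03-01 14:05:03 10.0.0.20 OPTIONS /Microsoft-Server-ActiveSync/default.eas User=user1&DeviceType=iPhone 443 user1 203.0.113.9 Apple-iPhone 500 0 0 140
"""

# URL prefixes (lower-case) of the externally published Exchange services.
SERVICES = {
    "/owa": "OWA",
    "/microsoft-server-activesync": "ActiveSync",
    "/autodiscover": "Autodiscover",
}

def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields line."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def summarize(text):
    """Return {service: Counter of sc-status values} for the Exchange paths."""
    summary = {name: Counter() for name in SERVICES.values()}
    for row in parse_w3c(text):
        stem = row["cs-uri-stem"].lower()
        for prefix, name in SERVICES.items():
            if stem.startswith(prefix):
                summary[name][row["sc-status"]] += 1
    return summary

def findings(summary):
    """Flag services that never reached IIS and services returning 4xx/5xx."""
    notes = []
    for name, statuses in summary.items():
        if not statuses:
            notes.append(f"{name}: no requests logged; check DNS, NAT and port forwarding first")
        bad = sorted(s for s in statuses if s.startswith(("4", "5")))
        if bad:
            notes.append(f"{name}: error statuses {','.join(bad)}")
    return notes
```
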

tenover (ASKER)

I figured this one out.  My bad.  NAT policy for legacy was incorrect.  Working on ActiveSync issues now.....As soon as I flip the switch to point to the new 2010 server, all mobile users can't sync.  Uggh.